Dmitry V. Levin discovered a path traversal flaw in how GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary fiels that the user running tar has write access to.

Updated packages have been patched to prevent these issues. _______________________________________________________________________